Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/0m9oYCLUG9VAyHBUpgSObgt1OGE.roa
File: 0m9oYCLUG9VAyHBUpgSObgt1OGE.roa (raw, json)
Hash identifier: XrwLYVn9oflthx1te8vi7AKpwSw6/y4qRVziPAwTzRg=
Subject key identifier: D2:6F:68:60:22:D4:1B:D5:40:C8:70:54:A6:04:8E:6E:0B:75:38:61
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 018D2F02D6F0FEAA47C5E91273A0C9E7BB5E
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/0m9oYCLUG9VAyHBUpgSObgt1OGE.roa
Signing time: Mon 22 Jan 2024 02:32:11 +0000
ROA not before: Mon 22 Jan 2024 02:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54994
IP address blocks: 93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 07:09:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2f:02:d6:f0:fe:aa:47:c5:e9:12:73:a0:c9:e7:bb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Jan 22 02:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d26f686022d41bd540c87054a6048e6e0b753861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a8:a6:8f:46:df:5b:e8:61:09:f9:4a:1e:36:
bb:cf:d6:16:94:a8:95:8f:5b:14:7b:68:58:01:4f:
af:e5:f2:7f:eb:8c:42:6d:a5:25:5d:bd:fc:ca:16:
f0:49:fc:ab:af:14:05:fd:d1:f3:7d:25:c9:86:6f:
d0:9f:6f:ab:d6:95:76:e7:64:21:8e:ef:7f:af:35:
83:89:b9:2e:5a:12:b0:59:1e:75:3c:1a:44:f5:b3:
6a:a1:40:6b:19:79:2f:4c:b0:cf:c0:c2:8d:55:22:
75:cf:7b:f4:b9:bf:88:e3:22:fb:81:7c:43:ce:f9:
f5:94:f6:d9:12:b1:f6:e0:d7:d7:89:c3:9c:14:1b:
88:97:24:07:33:f9:7a:58:62:26:eb:81:ec:00:17:
e8:58:33:aa:24:8a:39:75:e9:ba:3a:0c:08:1d:b9:
14:13:19:0a:4f:14:ad:98:d4:63:19:25:87:fb:f7:
a9:19:73:94:43:43:0e:5c:37:b0:f2:2f:d6:84:fb:
a0:f6:e8:25:1a:5e:3a:fb:5a:55:7c:61:06:98:a6:
ce:57:d3:13:49:af:19:49:28:98:2a:42:c9:29:85:
9f:92:b5:4c:da:33:d8:84:0b:38:60:3e:7b:a1:6e:
37:7a:77:87:92:09:f4:5b:56:12:39:29:ef:61:94:
e8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6F:68:60:22:D4:1B:D5:40:C8:70:54:A6:04:8E:6E:0B:75:38:61
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/0m9oYCLUG9VAyHBUpgSObgt1OGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.135.0/24
148.253.34.0/24
148.253.228.0/24
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.246.0/24
148.253.248.0/24
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.84.0/23
163.171.87.0/24
163.171.94.0/24
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.166.0/24
163.171.177.0/24
163.171.182.0/24
163.171.188.0/24
163.171.207.0/24
163.171.222.0/24
163.171.224.0/23
163.171.231.0/24
163.171.249.0/24
163.171.252.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
Signature Algorithm: sha256WithRSAEncryption
3f:fd:42:84:85:11:a9:05:99:22:bf:13:a5:e0:b9:d5:84:9e:
8a:da:39:7f:7a:ec:ac:01:ae:4f:5e:20:c1:8e:8d:04:43:83:
1b:71:2f:2d:2e:d5:b9:b5:6b:7e:b3:3b:fb:06:97:17:d1:7c:
1a:13:b4:7b:d2:31:f8:48:ef:a3:8f:ea:99:37:96:40:0d:64:
88:c4:c3:3f:3a:a4:6f:bb:24:ca:3c:ba:4d:c0:5f:88:23:0f:
27:fb:c4:f7:33:77:b8:20:a9:d9:45:0a:04:5c:20:13:b5:b7:
14:66:3b:50:76:af:53:c5:e6:a3:44:59:4d:f8:ff:ff:ec:25:
20:e8:4c:4f:6c:27:0f:7d:b7:82:55:89:bf:d8:26:e7:bc:cd:
9b:f1:7d:d2:90:7b:78:e3:f8:57:0c:30:e3:19:72:c7:53:d7:
67:61:92:85:46:03:8c:17:05:c9:70:d8:dd:de:cb:9b:6f:86:
ba:ce:c7:19:8f:5b:ef:cc:4f:5e:39:58:80:1b:7b:c1:a0:61:
72:87:66:cc:20:60:7a:65:01:bc:25:f0:5a:33:a4:10:00:8c:
5e:c7:71:06:16:1e:cd:65:5a:7c:4f:97:58:e2:fe:20:f2:a5:
5c:47:7f:61:f6:cb:2d:ea:96:eb:46:d4:55:50:a4:ce:4a:0e:
9e:27:ab:7b
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAY0vAtbw/qpHxekSc6DJ57teMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjQwMTIyMDIzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZmNjg2MDIyZDQxYmQ1NDBjODcwNTRhNjA0OGU2ZTBiNzUzODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6imj0bfW+hhCflKHja7z9YWlKiV
j1sUe2hYAU+v5fJ/64xCbaUlXb38yhbwSfyrrxQF/dHzfSXJhm/Qn2+r1pV252Qh
ju9/rzWDibkuWhKwWR51PBpE9bNqoUBrGXkvTLDPwMKNVSJ1z3v0ub+I4yL7gXxD
zvn1lPbZErH24NfXicOcFBuIlyQHM/l6WGIm64HsABfoWDOqJIo5dem6OgwIHbkU
ExkKTxStmNRjGSWH+/epGXOUQ0MOXDew8i/WhPug9uglGl46+1pVfGEGmKbOV9MT
Sa8ZSSiYKkLJKYWfkrVM2jPYhAs4YD57oW43eneHkgn0W1YSOSnvYZTomwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFNJvaGAi1BvVQMhwVKYEjm4LdThhMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvMG05b1lDTFVHOVZBeUhCVXBnU09iZ3QxT0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBwQQCAAEwgboDBABd
vIcDBACU/SIDBACU/eQwDAMEAJT95wMEApT96AMEAJT97QMEAJT97wMEAJT99gME
AJT9+AMEAKOrQAMEAKOrQwMEAaOrRgMEAaOrVAMEAKOrVwMEAKOrXjAMAwQFo6tg
AwQAo6tiMAwDBACjq2UDBACjq2gDBACjq6YDBACjq7EDBACjq7YDBACjq7wDBACj
q88DBACjq94DBAGjq+ADBACjq+cDBACjq/kDBACjq/wDBADCaxMwDwQCAAIwCQMH
ACoBU8D/xjANBgkqhkiG9w0BAQsFAAOCAQEAP/1ChIURqQWZIr8TpeC51YSeito5
f3rsrAGuT14gwY6NBEODG3EvLS7VubVrfrM7+waXF9F8GhO0e9Ix+Ejvo4/qmTeW
QA1kiMTDPzqkb7skyjy6TcBfiCMPJ/vE9zN3uCCp2UUKBFwgE7W3FGY7UHavU8Xm
o0RZTfj//+wlIOhMT2wnD323glWJv9gm57zNm/F90pB7eOP4Vwww4xlyx1PXZ2GS
hUYDjBcFyXDY3d7Lm2+Gus7HGY9b78xPXjlYgBt7waBhcodmzCBgemUBvCXwWjOk
EACMXsdxBhYezWVafE+XWOL+IPKlXEd/YfbLLeqW60bUVVCkzkoOnierew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:27 2024 by rpki-client on console-ams.rpki-client.org